By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
455,828 Members | 1,238 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 455,828 IT Pros & Developers. It's quick & easy.

Function "isset()" needed in 4.3.5 but not 4.3.0

P: n/a
Hello all,

We are currently changing our web server and, in the process, updating PHP
version from 4.3.0 to 4.3.5. The problem we've got is that our PHP
applications generate errors saying that some of the variables are
Undefined.

I didn't use "if(isset($myVar))" to validate if a variable has been passed
from a HTML form but instead "if($myVar)".

Is there a way to make it work without changing the code?

TIA

Yannick

Jul 17 '05 #1
Share this Question
Share on Google+
8 Replies


P: n/a
On Mon, 05 Apr 2004 10:01:43 -0400, Yannick Turgeon wrote:
Hello all,

We are currently changing our web server and, in the process, updating PHP
version from 4.3.0 to 4.3.5. The problem we've got is that our PHP
applications generate errors saying that some of the variables are
Undefined.

I didn't use "if(isset($myVar))" to validate if a variable has been passed
from a HTML form but instead "if($myVar)".

Is there a way to make it work without changing the code?

TIA

Yannick

Interesting.. is $myVar a bool value? If not.. then why do you assume
something is "wrong"? This would appear to be perfectly reasonable.

isset() checks for definition not for data type.

if ($foo) is a boolean check not a def / undef check.

Seriously... the code needs rewriting.. this is seriously flawed if mu
assumptions are correct.. and unfortunately, something all too easily done
in PHP. Maybe they're slowly getting around to making things more strict
and "standard".. which is IMO, a good thing(tm).

Just my £0.02 worth =)

Regards,

Ian

--
Ian.H
digiServ Network
London, UK
http://digiserv.net/

Jul 17 '05 #2

P: n/a
Thanks Ian for your reply,

I finally found the answer. Yes, I realise this way of testing if variable
has been passed or not from a form is very poor practice. Why I didn't get
any error on the old server was because the parameter "error_reporting" was
set to exclude "Notices". I did the same on the new server because it would
be too long for the moment to change all the code. It worked.

Yannick

"Ian.H" <ia*@WINDOZEdigiserv.net> wrote in message
news:pa****************************@bubbleboy.digi serv.net...
On Mon, 05 Apr 2004 10:01:43 -0400, Yannick Turgeon wrote:
Hello all,

We are currently changing our web server and, in the process, updating PHP version from 4.3.0 to 4.3.5. The problem we've got is that our PHP
applications generate errors saying that some of the variables are
Undefined.

I didn't use "if(isset($myVar))" to validate if a variable has been passed from a HTML form but instead "if($myVar)".

Is there a way to make it work without changing the code?

TIA

Yannick

Interesting.. is $myVar a bool value? If not.. then why do you assume
something is "wrong"? This would appear to be perfectly reasonable.

isset() checks for definition not for data type.

if ($foo) is a boolean check not a def / undef check.

Seriously... the code needs rewriting.. this is seriously flawed if mu
assumptions are correct.. and unfortunately, something all too easily done
in PHP. Maybe they're slowly getting around to making things more strict
and "standard".. which is IMO, a good thing(tm).

Just my £0.02 worth =)

Regards,

Ian

--
Ian.H
digiServ Network
London, UK
http://digiserv.net/

Jul 17 '05 #3

P: n/a
[ Posting rearranged into proper Usenet order ]

"Ian.H" <ia*@WINDOZEdigiserv.net> wrote in message
news:pa****************************@bubbleboy.digi serv.net...
On Mon, 05 Apr 2004 10:01:43 -0400, Yannick Turgeon wrote:

[ snip ]
> I didn't use "if(isset($myVar))" to validate if a variable has been passed > from a HTML form but instead "if($myVar)".
>
> Is there a way to make it work without changing the code?


[ snip ]

if ($foo) is a boolean check not a def / undef check.

Seriously... the code needs rewriting.. this is seriously flawed if mu
assumptions are correct.. and unfortunately, something all too easily done
in PHP. Maybe they're slowly getting around to making things more strict
and "standard".. which is IMO, a good thing(tm).


On Mon, 05 Apr 2004 11:06:21 -0400, Yannick Turgeon wrote:
Thanks Ian for your reply,

I finally found the answer. Yes, I realise this way of testing if variable
has been passed or not from a form is very poor practice. Why I didn't get
any error on the old server was because the parameter "error_reporting" was
set to exclude "Notices". I did the same on the new server because it would
be too long for the moment to change all the code. It worked.

No probs Yannick.. glad you found an answer anyway.. but it's also good to
see that you do recognise the "problem" (some people just don't care.. "we
got it to work.. so up yours!" kind of attitude).

I have had similar issues with my own code in the past with some things
(probably most remembered was the register_globals change over for some of
my old scripts). I implemented some hacks to get around the problem until
I had some spare time to rewrite the code _properly_. If a job's worth
doing, it's worth doing right as they say.. but I also appreciate
"immediately" isn't often a possible reality =)

Regards,

Ian

--
Ian.H
digiServ Network
London, UK
http://digiserv.net/

Jul 17 '05 #4

P: n/a
I noticed that Message-ID:
<pa****************************@bubbleboy.digiserv .net> from Ian.H
contained the following:
I have had similar issues with my own code in the past with some things
(probably most remembered was the register_globals change over for some of
my old scripts).


It doesn't help when bad habits are shown in tutorials. Although my
server (out of my control) has register globals set to on I always use
$_POST, $_GET etc. I resented having to type extra code at first but
now I'm used to it I find it easier to see where my variables are coming
from.

--
Geoff Berrow (put thecat out to email)
It's only Usenet, no one dies.
My opinions, not the committee's, mine.
Simple RFDs http://www.ckdog.co.uk/rfdmaker/
Jul 17 '05 #5

P: n/a
On Mon, 05 Apr 2004 18:11:38 +0100, Geoff Berrow wrote:
I noticed that Message-ID:
<pa****************************@bubbleboy.digiserv .net> from Ian.H
contained the following:
I have had similar issues with my own code in the past with some things
(probably most remembered was the register_globals change over for some of
my old scripts).


It doesn't help when bad habits are shown in tutorials. Although my
server (out of my control) has register globals set to on I always use
$_POST, $_GET etc. I resented having to type extra code at first but
now I'm used to it I find it easier to see where my variables are coming
from.

Most definitely Geoff.. like you, it comes as "second nature" now
(although my servers are configured with globals off).

That's the other popular explanation / reason for using them (besides the
obvious security).. $_POST['foo'] is a _lot_ more descriptive than $foo =)

I used a kind of securish hack to get around it.. by adding:
$foo = $_GET['foo'];
$bar = $_POST['bar'];
etc etc as the first few lines in the script(s). This still kept the
validation then on where they were coming from. Not the best situation for
debugging.. but the scripts worked.. so this wasn't so important at this
time (not like during development).

As time went on I replaced all of these (actually ended up taking the
application down and replaced with phpBB (was a forum)) because I didn't
have the time to create the next phpBB / vBulletin and the features were
lacking somewhat (administration tasks too longer to do just with phpMA..
les automation).

It's an ever growing learning / experience curve.. by the time I get to 10
years of PHP coding.. I'd still lay a rather large £sum on the table and
say I'd still have lots to learn... but that's also half the fun =)

Regards,

Ian

--
Ian.H
digiServ Network
London, UK
http://digiserv.net/

Jul 17 '05 #6

P: n/a
"Yannick Turgeon" <no****@nowhere.com> wrote in message
news:nF*******************@news20.bellglobal.com.. .
We are currently changing our web server and, in the process, updating PHP
version from 4.3.0 to 4.3.5. The problem we've got is that our PHP
applications generate errors saying that some of the variables are
Undefined.

I didn't use "if(isset($myVar))" to validate if a variable has been passed
from a HTML form but instead "if($myVar)".

Is there a way to make it work without changing the code?


Just change error_reporting in php.ini to something like E_ALL &~ E_NOTICE.
Jul 17 '05 #7

P: n/a
"Geoff Berrow" <bl******@ckdog.co.uk> wrote in message
news:pi********************************@4ax.com...
It doesn't help when bad habits are shown in tutorials. Although my
server (out of my control) has register globals set to on I always use
$_POST, $_GET etc. I resented having to type extra code at first but
now I'm used to it I find it easier to see where my variables are coming
from.


Now wait a second. When has using register-globals become a bad habit?
Quoting the PHP manual: "the directive itself isn't insecure but rather it's
the misuse of it." My biggest problem with the whole register-globals debate
is that people some how think that it's a more secure way of programming in
PHP. There is, of course, no such thing as more secure--you are either
vulnerable or you're not. And there are plenty of ways to screw up. I don't
know how many times I have seen stuff like

include $_GET['section'] . '.php';

or

if($_SESSION['auth']) {
include("forum.php");
}

or

$ids = implode(',', $_POST['checkboxes]);
mssql_query("SELECT * FROM books WHERE book_id IN ($ids)");

where the programmer is satistied that he has followed good practice and let
serious issues slip by under his nose.
Jul 17 '05 #8

P: n/a
I noticed that Message-ID: <qu********************@comcast.com> from
Chung Leong contained the following:
It doesn't help when bad habits are shown in tutorials. Although my
server (out of my control) has register globals set to on I always use
$_POST, $_GET etc. I resented having to type extra code at first but
now I'm used to it I find it easier to see where my variables are coming
from.


Now wait a second. When has using register-globals become a bad habit?


Where did I say that? It is a bad habit to write code that is not
portable, as we see here on a daily basis.

--
Geoff Berrow (put thecat out to email)
It's only Usenet, no one dies.
My opinions, not the committee's, mine.
Simple RFDs http://www.ckdog.co.uk/rfdmaker/
Jul 17 '05 #9

This discussion thread is closed

Replies have been disabled for this discussion.